What I mean is that the Spammers have reportedly broken the tools deployed by the online giants Google and Microsoft to stop spammers from trading on the good name (and thus reputation) of the large farms of mail servers hosted by these two companies.

They have to have 100’s if not 1,000’s of mail servers under their control to be able to offer the gmail and live e-mail experience to their customers and you can almost hear the splash of saliva hitting the floor as the spammers work hard to get access to all this e-mail delivery power.

These two Internet Giants had issues a while ago with spammers breaking the CAPTCA technology using automatic Optical Character Recognition (OCR) or farming it out to real humans so they had implemented additional controls in the ongoing escalation on the war on spam.

CAPTCHAs (Completely Automated Public Turing test to tell Computers and Humans Apart) are those images with the distorted or obscured letters that computers are not so good at figuring out but which are a snap for a human.

As long as there is an economic incentive to send spam the spammers will have the money to either research better tools to recognize the images or will just farm it out to real people who are willing to work for a few cents per image or even for free if you make it part of a game or required to sign up for something people want like a ‘free’ ring-tone of the latest band.

More details on the Register’s website.

http://www.theregister.co.uk/2008/10/03/captcha_break/

- The Spam Cryer

Here are some more Blog articles on CAPTCHA Spam:

This makes sense as some names are more popular and thus easier for the spammers to guess. I happen to know lots of people – 10+ with the first name ‘Scott’ (one is my brother) but none that have the first name Zeus. There is an interesting graph in the PDF on page 2 that shows both the amount of spam and ham and then the ratio between them for different letters of the alphabet. What does your e-mail address start with?

This only reinforces what I have felt all along that some people are more popular spam targets than others.

http://www.lightbluetouchpaper.org/2008/08/25/zebras-and-aardvarks/

- Shaun

Here are some more articles on the study (including the original):

- Shaun

Original article: http://blogs.techrepublic.com.com/networking/?p=620&tag=nl.e102

In the world of botnets, Storm isn’t king anymore, but Storm’s botnet owners aren’t giving up. This article is a reminder by Michael Kassner of the need to remain vigilant and not fall prey to the Storm worm or its relatives.

——————————————————————————————————————-

It appears that the Storm worm is making a comeback. I first made mention of this botnet maker in the article “Kraken: The biggest, baddest botnet yet“, where I explained how Storm was losing its grip as being the largest botnet in history to Kraken and Srizbi as the second largest. Well, Storm developers have added a few new twists to their arsenal and are seeing a resurgence in the size of their botnets. Therefore it’s very important to not become complacent about this type of malware as it relies on social engineering to propagate. I’d like to take a few moments to go over the process so we’re all clear on how the infestation occurs.

How my computer became a zombie

Let’s follow the process of becoming infected with Storm and the after-effects:

That’s one scenario and as botnet malware matures other more sophisticated attack venues are introduced. For instance, the delivery mechanism used by the Storm worm changes regularly. It starts out as PDF spam progressing to links for e-cards or invites to Web sites. The worm developers will try any method possible to entice users to click on a phony link or attachment. The initial e-mail used by Storm also morphs. There are new subject lines and body text that refer to relevant news or issues — any way to subjugate human nature.

The willingness to prey on human nature is why Storm is back in the news. It’s propagating successfully using an e-mail with a subject line of “FBI may strike Facebook” or “The FBI has a new way of tracking Facebook.” It appears that once again the developers have touched on a chord of human nature and are getting a decent infection rate.

Final thoughts

I could spend all sorts of time on the intricacies of how each of the top three botnets work or how successful they are at evading detection, but that wouldn’t help. This article is my regular attempt at making sure all of us are cognizant of the need to be web-savvy, always questioning whether that link or an attachment makes sense. Doing so will go a long way to reducing the amount of spam we receive. This certainly includes me, as I’ve been very close to becoming an unwilling botnet member myself.

——————————————————————————————————————-

Michael Kassner has been involved with wireless communications for 40 plus years, starting with amateur radio (K0PBX) and now as a network field engineer and independent wireless consultant. Current certifications include Cisco ESTQ Field Engineer, CWNA, and CWSP.

Here are more Blog articles on the Storm Worm:

While [tag]McAfee[/tag] is supposed to release the full report today one mother of three named Tracey Mooney has already talked to Network World and given her version of the experience of being deliberately naive on the Internet for a month.

The outcome?

Tracey is quoted as being ‘Horrified’ at the ‘snake oil’ and ‘true junk’ she received in her inbox. Over the course of the month she received her share of the 23,233 SPAM messages sent to the 5 US based participants and even her snail mail box started filling up with the offers for things like a Credit Card with a $7,500 limit in the name of her alias ‘Penelope Retch’. The PC’s used were clogged up with malware and as a result were noticeably slower. I think I predicted this outcome when we first heard of this experiment.

Network World article:

• www.networkworld.com/news/2008/070108-mcafee-spam-experiment.html?page=1

McAfee S.P.A.M. site:

• www.mcafeespamexperiment.com

Our Predictions:

• www.cudamail.com/blog/2008/04/10/MyPredictionsOnMcAfeesGlobalSpammedPersistentlyAllMonthOrSPAMExperiment.aspx

So what is the word to the wise?

1. If it sounds too good to be true it probably is.
2. Don’t click on unsolicited links in e-mail as you will probably get infected and have to wipe your PC and start over wasting your valuable time.
3. Use a good anti-spam service such as [tag]CudaMai[/tag]l that focuses on keeping the false positives to a minimum while still blocking 95% or more of the spam.
4. Keep your desktop anti-malware protection up to date.
5. Do regular backups for when you do get infected and have to start over.
6. Download and apply the patches for your Operating system (XP, Vista and even Linux!) and programs on a regular, at least monthly, basis.

Play safe out there on the Internet!

- Shaun